Manuals / Apple / Computer Equipment / Server

Apple 10.6 manual Accessing Server Certificates from the Command Line

Models: 10.6

1 134
Download 134 pages 4.38 Kb
Page 71
Image 71
cd /private/var/root/Desktop

Importing an SSL Certificate into the Keychain from the Command Line

You can import your SSL certificate into the Keychain using Keychain Access or from the command line with certtool. To import an SSL certificate using certtool:

1Log in to the server as root.

2Open the Terminal application.

3Go to the folder where the saved certificate file is located.

For example, if the certificate file is saved on the desktop of the root user, enter and press Return.

4Enter the following command, and then press Return:

$ certtool i sslcert.txt k=certkc

Using certtool this way imports a certificate from the file named sslcert.txt into the keychain named certkc.

A message confirms that the certificate was imported.

...certificate successfully imported.

5Log out from the server.

After generating a CSR and a keychain, you continue configuring Mail service for automatic SSL connections by purchasing an SSL certificate from a certificate authority such as Verisign or Thawte. You can do this by completing a form on the certificate authority’s website.

When prompted for your CSR, open the csr.txt file using a text editor, such as TextEdit. Then, copy and paste the contents of the file into the appropriate field on the certificate authority’s website. The websites for these certificate authorities are at:

ÂÂ www.verisign.com ÂÂ www.thawte.com

When you receive your certificate, save it in a text file named sslcert.txt. You can save this file with the TextEdit application. Make sure that the file is plain text, not rich text, and that it contains only the certificate text.

Accessing Server Certificates from the Command Line

Server Admin keeps a centralized store of your server’s certificates for ease of use and management. Use certadmin to access this information from the command line. certadmin directly manipulates the list of certificates stored in the System keychain.

ÂÂ To view the certificates in the System keychain:

$ sudo certadmin list

By default, certadmin prints the Common Name field of each certificate separated by newlines. Adding the option -xor --xmlprints the certificate list to screen as an XML property list (plist).

Chapter 3    Mail Service Advanced Configuration

71

Page 70 Page 72
Page 71
Image 71
Apple 10.6 manual Accessing Server Certificates from the Command Line
Page 70 Page 72